Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/09/04 11:33 a.m.4 views

CVE-2025-52546

E3 Site Supervisor Control firmware version 2.31F01 has a floor plan feature that allows for an unauthenticated attacker to upload floor plan files. By uploading a specially crafted floor plan file, an attacker can inject a stored XSS to the floorplan web page...

5.1CVSS6.4AI score0.00189EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/04 11:33 a.m.16 views

CVE-2025-52548

E3 Site Supervisor Control firmware version 2.31F01 contains a hidden API call in the application services that enables SSH and Shellinabox, which exist but are disabled by default. An attacker with admin access to the application services can utilize this API to enable remote access to the...

6.9CVSS6.9AI score0.00328EPSS
Exploits0References1
NVD
NVD
added 2025/09/02 12:15 p.m.6 views

CVE-2025-52546

E3 Site Supervisor Control firmware version 2.31F01 has a floor plan feature that allows for an unauthenticated attacker to upload floor plan files. By uploading a specially crafted floor plan file, an attacker can inject a stored XSS to the floorplan web page...

6.1CVSS0.00189EPSS
Exploits0References1
NVD
NVD
added 2025/09/02 12:15 p.m.12 views

CVE-2025-52543

E3 Site Supervisor Control firmware version 2.31F01 application services MGW and RCI uses client side hashing for authentication. An attacker can authenticate by obtaining only the password hash...

7.5CVSS0.00282EPSS
Exploits0References1
NVD
NVD
added 2025/09/02 12:15 p.m.6 views

CVE-2025-52544

E3 Site Supervisor Control firmware version 2.31F01 has a floor plan feature that allows for an unauthenticated attacker to upload floor plan files. By uploading a specially crafted floor plan file, an attacker can access any file from the E3 file system...

8.8CVSS0.00334EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/02 12:0 a.m.12 views

PT-2025-35556

Name of the Vulnerable Software and Affected Versions: E3 Site Supervisor Control versions prior to 2.31F01 Description: E3 Site Supervisor Control firmware version prior to 2.31F01 MGW contains an API call lacking input validation. An attacker can use this command to continuously crash the...

8.7CVSS6.5AI score0.00312EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/09/02 12:0 a.m.6 views

PT-2025-35557

Name of the Vulnerable Software and Affected Versions: E3 Site Supervisor Control versions prior to 2.31F01 Description: E3 Site Supervisor Control firmware version prior to 2.31F01 contains a hidden API call within the application services that enables SSH and Shellinabox. These services exist b...

6.9CVSS6.4AI score0.00328EPSS
Exploits0References4
Rows per page
Query Builder